Pimping a wordpress for high-performance and against DDoS attacks – series

For quite a while, I am supporting the finance blog of a friend of mine. He started this as a small blog project (it is still a blog) and quickly got a lot of traffic.

The initial setup was a hosted website with a provider including PHP and MySQL.
Quickly there was too much traffic and the site became really really slow. On top, the possibilities in this environment are limited.

Next step – own server. So we booked him a machine at Hetzner, a German ISP with quite good conditions. I put VMWare in place and virtualizied the entire thing.
As time goes, the machine became old and had to be replaced. So we decided for a new machine and to install everything bare metal (no VMs).
The current machine holds a Skylark Quad-Core processor, 64 GB of RAM, SATA HDD and a lot of more cool things.

So a fairly decent setup.

Recently the site was attacked using several different technics.

This series is about the steps we took to keep the site alive and also gain speed, performance, reduce load and file sizes.

The result of this series should be a WordPress installation on steroids.

You will use and run:

– Nginx
http/2
https / SSL encryption
– Caching for WordPress
– Optimized compression for images and files
– CDN
– Fail2Ban to avoid to many requests from one source
– Optimized caching on client side
Faster page loads
– Lazyload for images
– and many things more

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.